DE69635328T2 - Personalization of subscriber identification modules for mobile phones via radio - Google Patents

Description

The The present invention relates to a mobile terminal for telecommunications, to Example, a portable telephone, and relates to a communication network, makes the use of such terminals. In particular, refers The present invention relates to portable telephones, the user identity modules (UIMs).

portable Telephone systems are known which contain a subscriber or user identity feature, when the phone is manually connected to a user identity module (UIM) can be bound or closed.

European patent application number 93302420.0, publication number EP 0,562,890 A1 belonging to Green, entitled "Mobile Communication Network with Remote Updating of Subscriber Identity Modules in Mobile Terminals", Mobile Communication Network with Remote Update of Subscriber Identity Modules in Mobile Terminals, filed March 29, 1993, discloses a communication network having a switching network, The mobile device includes a subscriber identity module which stores data for controlling the operation of the user and the facilities available to the user of the mobile device The switching network transmits update signals to the mobile device which changes the data stored in the subscriber identity module and therefore changes the operation on the available devices.

Currently included Mobile phones, in particular those used on the Groupe Speciale Mobile or Special Mobile Group (GSM) standards are based, an electronic Module that is previously known as a Subscriber Identity Module or SIM and which is now a user identity module (UIM) referred to as. The UIM stores data by the mobile phone as well as herein as a mobile terminal (MT). referred to as. The UIM is preconfigured that it is a unique identifier for one contains individual user, and may also include suitable autofilling functions. The UIM is also capable of storing temporary data such as paging messages and to save a telephone number directory.

In the current one GSM-based system, the subscriber identity or identifier is not on the Mobile terminal (MT) based. This is done by using the UIMs reached. The UIM is a module or smart card that is installed in the phone and a unique user identification information Has.

GSM-based Systems allow a user to turn his UIM card into any one Mobile terminal introduces and that it is through the GSM network via information on the UIM rather than being recognized as having information with the individual Terminal that is in use are linked. In this system is the mobile device through an IMEI (International Mobile Equipment Identity, International Mobile Equipment Identity) identifiable; however, queries are about this information too check, processing wise 'expensive' and usually will not Verified on a per call basis.

These Factors have been exploited by thieves who have an extensive 'black market' for terminals have developed and use the GSM-based interfaces have revealed that hundreds of thousands of mobile terminals are stolen every year become.

Known Binding or shutter functions have a four- to eight-digit pin code in common and, if activated, must Code can be entered every time when the mobile terminal is turned on will be done before any operations can be performed.

As well Mobile terminals also provide a UIM lock or binding that constructs is to prevent the mobile station unauthorized UIMs without a main or Master password accepted. When activated, the mobile station becomes accept only previously authorized UIMs. Such a terminal is disclosed in EP-A-0 607 767.

According to one In the first aspect of the present invention, there is a mobile communication network to disposal provided that at least a central base network and a plurality of remote mobile terminals comprises the circuits to transfer or sending and receiving electronic signals, wherein each of the remote mobile terminals is a user identity module Contains (UIM), the personalized user data for controlling the transmission contains signals of it wherein the central base switching network comprises means for transmitting of signals to a selected one Mobile terminal for selectively binding the selected remote mobile terminal to the locked UIM and the contained UIM to the selected long distance mobile terminal, wherein thereby an operation of the selected one Remote-Mobile Terminales with any other of the UIMs and an operation of the contained Prevents UIMs with any other of the remote mobile terminals becomes.

According to a second aspect of the present invention there is a method for binding a selected mobile remote terminal of a mobile communications network having at least one centralized central office network and a plurality of remote terminals including circuits for transmitting and receiving electronic signals, each of the remote mobile terminals including a user identity module (UIM), the personalized user data for controlling the transmission of signals thereof, comprising the steps of step 1, transmitting data signals from the centralized central office to a UIM of a selected remote mobile terminal, and a step 2: receiving the data signals transmitted by the centralized central office network and selective Binding the selected remote mobile terminal to the contained UIM and the contained UIM to the selected remote mobile terminal, wherein operation of the selected remote mobile terminal with any other UIMs and operation of the contained UIMs with any other de r remote mobile terminals is prevented.

embodiments of the present invention reduce the value of a stolen mobile term as soon as detected, by "binding" the mobile terminal to the UIM card in the mobile terminal at the time of capture in use, if any is available. A binding of the mobile terminal to a specific UIM means that the mobile terminal is not with any other UIM can be used, and thus its resale value reduced. additionally is this procedure with a collection of information about the UIM, used in the stolen mobile terminal to follow through the right authorities coupled to recover the mobile terminal.

exemplary embodiments In accordance with the present invention, a mobile telephone system to disposal make a UIM close and -open automatically through the network signaling over activates the BTS to a mobile station common air interface becomes.

exemplary embodiments In accordance with the present invention, a mobile telephone system to disposal put the option of binding the UIM to the mobile phone so considered, that the UIM uses only with a specific linked mobile phone can be.

exemplary embodiments In accordance with the present invention, a mobile telephone system to disposal The option of binding the mobile phone to the UIM so considered, that the mobile phone will only be used with the specific UIM can.

preferred embodiments The present invention will now be described with reference to the following drawings described by way of example. Show it

1 a schematic block diagram illustrating an embodiment of a communication network of the present invention;

2 a flow chart of the network logic, MSC 30 from 1 for processing messages in accordance with a method of the present invention;

3 a flow chart of the mobile terminal logic, MT 10 from 1 for processing messages in accordance with a method of the present invention;

4 a flow chart of the user interface module logic, UIM 20 from 1 , for processing news;

5a and 5b the structure of messages that may be used in embodiments in accordance with the invention; and

6 a flowchart for an initialization logic that in the UIM 20 from 1 is required to perform the UIM IMEI binding in an embodiment of the present invention.

Becoming present GSM mobile terminals easily reused after being stolen were, just by a valid UIM card is introduced, if the rightful owner forgot or neglected, to "connect" or "connect" his mobile phone to his UIM. In addition, since rental units usually do not adhere to a specific UIM card would be bound These mobile terminals are particularly vulnerable to being stolen. As a result of these facts there is a thriving market with stolen ones GSM mobile terminals. In accordance with embodiments The present invention provides a mechanism and a method shown by which a mobile terminal, which has been determined is to be stolen, to which UIM can be tied introduced into the unit and therefore less resale is made valuable.

One Mobile Terminal (MT) in accordance with the present invention to the UIM through an over-the-air command bound. additionally show embodiments the present invention, a system in which a UIM, in a Mobile terminal introduced which can be tied to the IMEI of the mobile terminal the UIM is made usable only in the mobile terminal to which it is tied up.

Especially the telephone network periodically or regularly asks the IMEI of the mobile terminal, that is used by subscribers on the system. If that IMEI a mobile terminal is found on a 'theft list', the network can then instruct the mobile station (s) to connect to UIM by a message exchange to and from the mobile terminal via the air interface enabled to enable the UIM binding feature that a transmitted Bit pattern used.

One Communication network closes typically a mobile switching center (MSC), for example by radio telephony with mobile terminals (MT) such as one Mobile phone communicates. The mobile terminal contains one Subscriber or a user identity module that has data to control the operation of and the facilities available stores to the user of the mobile terminal.

in the In accordance with one aspect of the present invention, the switching network transmits updating Signals to the mobile terminal indicating the data and security status of the mobile terminal and / or the security status of the user identity module.

Referring to 1 a communication network is shown that has a mobile terminal (MT) 10 such as a mobile phone and a switching network 8th includes a mobile switching (MSC) center 30 contains a number of base station controllers (BSC) 40 for different cell sites in which the mobile terminal 10 a device identity register (EIR) 60 operating with a common device identity register (CEIR). 80 connected to other device identity registers 60 - 1 . 60 - 2 , 60-N associated with other switching networks and their associated mobile terminals. An operating subsystem (OSS) 70 can be provided to the device identity register 60 to update. Communication over the air to and from mobile terminals such as the mobile terminal 10 is transmitted via a base station transmitting / receiving unit (BTS) 50 executed.

Each mobile terminal in the communication network, such as the mobile terminal 10 closes a user identity module (UIM) 20 storing pre-programmed data unique to a particular user and an international mobile device identity unit (IMEI) 15 , Any international mobile device identity 15 is unique to their mobile terminal 10 and is used to the mobile terminal 10 at the mobile switching center 30 to identify.

In 1 is a normal communication between the communication network of the MSC 30 to a mobile telephone or other mobile terminal MT 10 via one of many base station controllers BSC 40 via one of their linked base transceiver systems BTS 50 in front.

The MT 10 contains a user identity module UIM 20 which stores a unique identifier or identifier of a particular user as well as any available authentication functions for the user. The MT 10 also includes a unique international mobile device identity IMEI 15 ,

The MSC 30 contains or has communication channels to access the home location register HLR 35 to grapple for a particular user. The HLR 35 contains a functional subdivision, which serves as the authentication center AuC 36 which handles the security data used to authenticate the users. Together, the AuC 36 -Functions of the HLR 35 and the corresponding authentication functions in the UIM 10 a relatively secure and robust means of validating or authenticating a user and thus preventing various types of fraudulent use.

The MSC 30 has communication channels on a device identity register EIR 60 which is a database, what information is in view of the validity and status of the mobile device MT 10 through their international mobile device identifier IMEI 15 contains, which is known to the communication network. The EIR 60 contains three 'lists'. One is the 'way list', which is the range of valid type-approved mobile device MT 10 includes. Another is the blacklist which lists IMEI 15 which have been reported as either stolen or severely malfunctioning. The third list, a 'gray list', is an intermediate between 'white' and 'black', which includes suspicious units before authorities confirm a black listing.

The steps of a process in accordance with the present invention are described in the blocks of 2 shown. At the start of communications between the MT 10 and the MSC 30 Various types of binding message sequences are exchanged, representing common knowledge for the skilled person. After this conventional messaging, it is for the MSC 30 required, the IMEI 15 of the MT 10 , as in 2 block 300 displayed to receive. In conventional systems, this is done by transmitting an IDENTITY REQUEST or ACCOUNT REQUEST report to the MT 10 reached. The conventional MT 10 responds with an IDENTIY RESPONSE or NOTICE ANSWER message, which the IMEI 15 contains. One of the features in accordance with the present invention is the optimization of this message exchange by allowing the IMEI 15 -Information is included in the conventional binding news, as noted earlier. Particularly in a preferred embodiment of this invention, the IMEI 15 Information in the LOCATION UPDATING REQUEST or LOCATION UPDATE REQUEST message from the MT 10 packed.

The format and structure of LOCATION UPDATE REQUIREMENT in conventional systems can only carry the IMEI if the MT 10 not a UIM 20 contains or the UIM 20 is considered invalid for any reason. It is the object of an optimization aspect of this invention that always include the IMEI in the LOCATION REQUEST REQUEST, whether a TMSI or IMSI is also included in this message or not. In those cases where a TMSI or IMSI is also included in the LOCATION REQUEST REQUEST, the message should contain two MOBIL IDENTITY MOBILE IDENTIFICATION information elements, one for a TMSI or IMSI and one for an IMEI. In those cases where the LOCATION UPDATE REQUEST contains only the IMEI, the message should be identical to the conventional LOCATION REQUEST REQUIREMENTS used in today's systems.

Notwithstanding the IMEI 15 is obtained via an MSC 30 Explicit IDENTITY REQUEST or ACCOUNT REQUEST sequence, or automatically through a preferred upgrade of the LOCATION REQUEST REQUEST or another conventional mandatory message, asks the MSC 30 the EIR 60 at block 305 in 2 off to the status of the IMEI 15 to be determined by the MT 10 is reported. If the EIR 60 indicates that the IMEI 15 in the 'black list' as a stolen mobile phone or a unit with a serious malfunction at Block 310 is included, a control flows to block 311 in which the MSC 30 determined when the MT-UIM binding function is enabled. If the EIR 60 Query has indicated that the mobile terminal was not stolen or in block 310 blacklisted, a controller branches to block 335 and the process is ended.

The MT-UIM binding function will normally be free, but it can work for a specific MSC 30 be locked if its operator so wishes. If the function in block 311 is released, passes a branch at block 311 to block 315 , When an MT-UIM binding function is locked, a branch passes at block 311 to block 320 ,

When a control to block 315 is handed over, the MSC constructs 30 a SECURITY REQUEST MESSAGE that specifies an MT-UIM BIND command ( 5a ) and transmits this message via the BSC 40 and BTS 50 Units that are in communication with the MT 10 located, or as in 1 is explained. In a preferred embodiment of the invention, all SECURITY REQUEST messages are transmitted in a ciphered mode.

The SECURITY REQUEST MESSAGE containing an MT-UIM-BINDING command contains a RAND and SRES pair that can be accessed through the AuC 36 Function of the HLR 35 provided with the user UIM 20 is linked to the MT 10 provide a means to ensure that the command is valid and not the result of unauthorized mischief or 'hacking'. A control flow of block 315 drives to block 316 continued. In block 316 awaits the MSC 30 an answer from the MT 10 ,

3 outlines a mobile device logic MT 10 related to one aspect of the invention. If a message from the MSC 20 is received, the MT must 10 determine if the message being received represents a command to one of the newly defined LOCK or BINDING step 100 to activate. A first preferred exam will be in one step 105 is identified as the check to see if the message is a MT-UIM SECURITY REQUEST MESSAGE INDICATING MT-UIM or SAFETY REQUEST MESSAGE. If this message contains such a command, the control flow branches from one step 105 to a step 120 , If the message is not an MT-UIM BIND, the control flow branches from one step 105 to a step 110 ,

A mobile MT 10 processing of steps 110 Upwards will be discussed by the MSC 30 Logic followed by a UIM-IMEI binding step 325 from 2 is linked.

In one step 120 from 3 must the MT 10 verify that the message being received is authorized. This is done by using conventional authentication procedures in the UIM 20 be exploited with new procedures in the MT 10 combined to perform the function. As in 5a noted, included MT-UIM-BINDING messages the RAND from the AuC 36 which is well known to those skilled in the art. To harden the procedure, the preferred embodiment of this invention will place an additional requirement on the RAND to protect against chipping. These requirements should be well considered and specific to a particular implementation. The preferred method of recommended curing is to use the MT 10 to construct an AUTEHTIFICATION REQUEST with a randomly selected RAND and make this request to the MSC 30 can be transferred. The MSC 30 then would the edge be that of the MT 10 is received, to the appropriate HLR 35 AuC 36 - Send function and receive the correct SRES response. The MSC 30 would then construct an AUTHENTICATION RESPONSE message containing the SRES 12 and transmitted to the MT 10. The MT 10 Then the SRES that received it would be in the AUTHENTIC ANSWER from the MSC 30 compare with an SRES, the UIM 20 by using the RAND that was originally sent to the MSC 30 in the AUTHENTICATION REQUEST message was sent. If these two SRES values match, the AUTHENTIC ANSWER is considered authentic. This procedure requires that the MSC 30 and the AuC 36 be modified to support the message exchanges that are noted, which are already understood by those skilled in the art. Another example of considered hardening might be that a list of sufficient length is maintained from a previously received RAND and that the RAND being received is checked in the message against that list. If the RAND is found to be maintained in the list and the probability of such a match is unlikely to be considered, the message may be discarded and a control flow branched to a step 131 , This type of procedure may be combined with other procedures, such as monitoring the frequency of receiving various messages containing a RAND; however, specifically identifying any method of additional cure would only serve to provide 'hackers' with information that should be denied them. If the EDGE goes through the recommended hardening techniques required for the particular MT 10 Implementation is selected, drives the MT 10 with an authentication method. The EDGE is sent to the UIM 20 sent via conventional means and the UIM 20 returns an SRES value, which in the conventional way is given by a UIM 20 Authentication logic is calculated. In one step 130 compares the MT 10 then the SRES included in the MT-UIM-BINDN messages from the MSC 30 is received, with the SRES, by the UIM 20 is calculated. If the two SRES values are identical, the MT-UIM BIND command is considered authentic and authorized and a control flow branches from one step 130 to a step 140 , If an authentication in one step 130 fails, a control flow branches to a step 131 ,

In one step 140 leads the MT 10 internal UIM binding procedures that use the MT 10 - modify processing to only the UIM 20 Card that is currently in the MT 10 Binding procedures that are unique to the hardware and software design of the MT in question 10 are or must be closely guarded to ensure the security of this function against 'hacking' or other fraud. UIM binding procedures for a given MT 10 Design are well known to those skilled in the art and an application to a specific MT 10 Design, but never disclosed by such disclosure as a result of the security risk. A controller flows from one step 140 to a step 141 where the MT 10 determines if the MT 10 BINDING procedure was successful; if so, a flow of control branches to a step 142 and if not, he branches to one step 131 ,

In one step 142 has the MT 10 verifies that it is the UIM in question 20 therefore constructs a SECURITY RESPONSE or SECURITY ANSWER ( 5b ) indicating that the MT-UIM BINDING was successful. This message is sent to the MSC 30 transfer. A control flow falls to a step 150 and the process is over.

A step 131 constructed a SECURITY ANSWER indicating that the MT-UIM binding operation failed and the reason for the failure. This message is then sent to the MSC 30 and portrays the cause of failure as either an authentication failure or other processing failure. A control flow then falls to a step 150 and the process is over.

By controlling the flow of MT 10 has now been explored 2 Reference, a step 316 , and where the discussion in view of the MSC 30 Control flow was left. The MSC 30 that has a response or a timeline to a response from MT 10 has its control flow from one step 316 to a step 317 where the MSC 30 the information in view of the results of the MT-UIM binding operation from the MT 10 for future reference by a step 330 stored. Then, a control flows from one step 317 to a step 320 ,

In block 320 determines the MSC 30 whether a UIM-IMEI binding function is free. The conditions for determining when this feature is enabled will vary widely depending on regulatory-regulatory issues, operator preferences, and other factors, so a 'normal' mode of operation is not expected for that feature if it is fully in the operator's favor; however, when the function is enabled, a control flow of block 320 to block 325 branch. When the function is disabled, a control flow branches from block 320 to block 330 ,

In block 325 construct the MSC 30 A SECURITY REQUEST that indicates a UIM-IMEI binding command and transmits this message to the MT 10 , Like the MT-UIM binding command, the UIM-IMEI-BIND command contains a RAND and SRES pair from the AuC 36 Function with the UIM 20 as a means to authenticate the operation. A control flow from a block 325 drives to a block 330 continued.

The MSC 30 Control flows from one step 325 to a step 326 where the MSC 30 waiting for an answer effectively or waiting for a message for the MT in time 10 will expire, so it will now be on the MT 10 -Focusing processing in 3 is noted.

As noted previously, when the MT flows 10 a message from MSC 30 receives the control through a step 100 to a step 105 , If that in one step 105 received message has not indicated an MT-UIM binding command, control flows from one step 105 to a step 110 ,

A step 110 Tests the contents of the received message to determine if it contains a UIM IMEI BIND command. If this is the case, control branches from one step 110 to a step 125 , If not, one-step control branches 110 to a step 115 ,

A step 115 represents the processing of other commands issued by the MSC 30 which are not of interest and therefore we can consider processing in this embodiment of the invention.

A step 125 is responsible for securing the authenticity of the received UIM-IMEI-BIND command. As in 5a displayed, the SECURITY REQUEST, which indicates a UIM IMEI BIND command, contains the RAND and SRES corresponding to the UIM in question 20 through the AuC 36 that with this UIM 20 connected is calculated. As in the discussion of 3 a step 120 As noted, preferred embodiments will have additional curing requirements imposed on the RAND by the MT 10 are placed. This curing requirement may intentionally be different from those in one step 120 selected or identical, depending on a decision of the implementer. If the hardened RAND requirements are not on the MT 10 go through, it explains the command in one step 135 as invalid and branches to a step 136 , Otherwise, the UIM IMEI BIND command will be issued by the MT 10 to the UIM 20 completely with both the RAND and the SRES transmitted in the message sent by the MSC 30 is received for further processing. A control flow then moves from one step 135 to a step 145 continued.

In one step 145 transmits the MT 10 the UIM IMEI BIND command to the UIM 20 and wait for the results of the operation or a timeout.

4 shows the flow of control within the UIM 20 for processing the UIM IMEI BIND command. This process is performed by the recipient of the UIM-IMEI-BIND command from the MT 10 in one step 145 which initiates in one step 200 from 4 UIM 20 results. A controller flows from one step 200 to a step 205 where the UIM extracts the RIM contained in the UIM-IMEI-BIND message and computes an SRES in the conventional manner. Once the UIM 20 an SRES in one step 20 has calculated, a control flows in one step 210 where the UIM 20 calculated SRES is compared with the SRES described in the UIM IMEI BIND message from MSC 30 is included. If the two SRES values are identical, control branches from one step 210 to a step 215 , If the two SRES values are not identical, control branches from one step 210 to a step 230 ,

In one step 215 calls for the UIM 20 the IMEI 15 from the MT 10 at. The IMEI 15 - Value is in the UIM 20 stored for future reference in each initialization cycle and so on. A controller flows from one step 215 to a step 220 where a success of one step 215 Is tested. When the operation is successfully completed, control flows from one step 220 to a step 225 , If not, one-step control branches 220 to a step 230 ,

A step 225 saves the fact that the UIM is now successfully linked to a specific IMEI 15 is bound by an indicator of this fact on the UIM 20 is stored. In addition, the UIM shows 20 the MT 10 that the UIM IMEI BIND command has been successfully executed. A tax It flows from one step 225 to a step 235 and the process is ended.

A step 230 sends an ad to the MT 10 that the UIM IMEI BINDING operation in one step 145 (or timing) and moves to a step 146 where, if the operation was successful, an MT 10 Control of one step 146 to a step 147 branched. If not, one-step control branches 146 to a step 136 ,

In one step 147 construct the MT 10 A SECURITY ANSWER indicating that the UIM-IMEI BIND was successful and transmits this message to the MSC 30 , A controller in the MT 10 then flows from one step 147 to a step 150 and the MT 10 Process is finished.

In one step 136 construct the MT 10 A SECURITY ANSWER that displays a UIM IMEI BINDING miss and transmits this message to an MSC 30 , A controller in a MT 10 then flows from one step 136 to a step 150 and the MT 10 Process is finished.

In one step 136 The MT 10 constructs a SECURITY ANSWER that indicates a UIM IMEI BIND failure and transmits this message to MSC 30 , A control in MT 10 then flows from one step 136 to a step 150 and the MT 10 - Process is finished.

Referring now to 2 a control flow moves from one step 326 to a step 327 continued, as the MSC 30 a message from the MT 10 has received. In one step 327 saves an MSC 30 the results obtained by the MT 10 be reported for reference in one step 330 , The controller then flows from one step 327 to a step 330 ,

A block 330 handles the processing of administrative reports. In a preferred embodiment, these reports become the IMEI 15 the MT in question 10 contain the status of the IMEI 15 from the EIR 60 is linked to information that the user is looking at the UIM 20 linked in the MT 10 is included and the action taken by the MSC 30 depending on the branches taken, report-only, MTA-UIM BIND (success / failure / not tempted), UIM-IMEI BIND (success / failure / not tempted) as well as the results of MT 10 Binding operations, if applicable. These reports would eventually be forwarded to the proper authorities for possible criminal investigations, etc.

In one step 605 calls for the UIM 20 the IMEI 15 of the current MT 10 at. A controller flows from one step to a step 610 where the success of the IMEI query operation of a step 650 is checked. If the IMEI 15 of the current MT 10 is received, a control branches from one step 610 to a step 615 , If not, one-step control branches 605 to a step 625 ,

A step 615 compares the IMEI 15 who from the current MT 10 is received with the IMEI 15 on the UIM 20 in one step 215 from 4 is stored. If the two IMEI values are identical, a one-step control flow branches 620 to a step 699 where conventional processing continues and the process is terminated in view of the present invention. If the two IMEI values are not identical, one-step control branches 620 to a step 625 ,

In one step 625 shows the UIM 20 assume that the initialization process to the MT 10 is held, because the UIM 20 currently at an IMEI 15 is bound by the IMEI 15 that of the current MT 10 is received, is different. A controller then flows from one step 625 to a step 630 and the process is ended.

5a is a preferred embodiment of the MSC 30 to a MT 10 SECURITY REQUEST message. The message is new; however, several components of the message are conventionally used in the existing system. The new information elements are of the SECURITY REQUEST MESSAGE TYPE, which is an eight-bit value that will uniquely identify this message type within the MOBILITY MANAGEMENT set of messages. This value is given some value by standardization bodies that is acceptable as long as it is clearly in the SECURITY MESSAGE range of mobility handling message types. The next new piece of information is TYPE OF SECURITY REQUEST, or TYPE OF SECURITY REQUIREMENT. The preferred length of this information element is eight bits. One bit is reserved. One bit is used to indicate the binding state that is requested, where 0 is 'UNLOCK' or 'OPEN' and 1 is 'LOCK' or 'BIND' respectively. One bit is used to indicate an MT-UIM binding and one bit is used to indicate the UIM-IMEI binding. The rest is reserved. The MT-UIM and UIM-IMEI bits could be used as a bitmask such that the MSC 30 the MT 10 to a binding action sen, or to open both bonds via a message; however, the preferred embodiment is just one message bond for simplicity. Numerous other formats and structures could be used to implement this embodiment of the invention.

5b is a preferred embodiment of MT 10 to MSC 30 SECURITY ANSWER. As in 5a noted, several information elements are conventional. The SECURITY REQUEST MESSAGE TYPE is an eight-bit value that will uniquely identify this type of message within the MOBILITY HANDLING set of messages. This value is given some value by standardization bodies that is acceptable as long as it is clearly in the SECURITY MESSAGE area of mobility handling message types. The TYPE OF SECURITY REQUIREMENT is in 5a described. For simplicity, the preferred embodiment is just a binding action by message; however, if there were more than one binding identifier set in the SECURITY ANSWER message, there would be multiple RESULT CODE or RESULT CODE information elements, one set for each binding-identified set (ie, value 1). The RESULT CODE would map so that the first RESULT CODE IEI corresponds to the binding identified in the least significant bit of the binding bit map, etc. A value of "0" indicates that the operation was successful, and the RESULT CODE with a value of "1" indicates a failure because of an SRES caused by a UIM 20 is not consistent with the SRES in the SAFETY REQUEST. The binary result code of "10" indicates that the operation due to a time-out failure of the preferred hardening technique of sending the authentication request message to the MSC 30 failed. The binary result code "11" indicates that the SRES of the Authentication Response of MSC 30 was incorrect. All other values represent various types of failure whose meaning is known only to the manufacturer of the involved MT 10. Numerous other formats and structures could be employed to accomplish this embodiment of the invention.

6 explains a UIM 20 Logic which must be introduced prior to conventional logic to realize the UIM-IMEI BINDING invention. In one step 600 checks - as soon as possible in the conventional processing of the UIM 20 and before a UIM 20 Initialization is complete or complete - the UIM 20 its control structures to determine if the UIM 20 currently to a specific IMEI 15 bound to a specific MT 10. If so, one-step control branches off 600 to a step 605 , If not, a control flow of one step branches 600 to a step 699 where conventional processing continues and the process is terminated in view of this embodiment of the invention.

you notice that a similar one Figure for one Mobilgerät- MT 10 - initialization processing for disposal could be asked however, since one MT 10 to MT 20 bond is currently over several Activation method exists, this information for the expert well known and are not described herein.

Embodiments consistent with the present invention ideally support opening of both the MT-UIM and UIM-IMEI functions via messages. For the person skilled in the art, this supports the format of the SAFETY REQUEST message via the 'UNLOCK' or 'OPEN' bit, which is in 5a is discussed. The logic and control flow for the opening operations are obvious when 3 and 4 to be viewed as. The logical opening operation for an MSC 30 is pretty much the same as Bindongssoperations except the triggers in 2 ; a step 310 can be the 'wise listing' of a previously blacklisted MT 10 or a manual interaction through a technician of the operator and various MSCs 30 - be in order to force the transmission of the appropriate command (s). A preferred embodiment supports both the 'batch' type process from a 'black listed' transition to a 'white listed' and a manual intervention.

While embodiments of the invention have been disclosed in detail, it should be by or for the Those skilled in the art understand that various modifications to the explained embodiments can be made without departing from the scope of the invention, as defined in the specification and defined in the appended claims is.

Claims (17)

A mobile communications network comprising at least one central base switch network and a plurality of remote mobile terminals including circuitry for transmitting and receiving electronic signals, each of the remote mobile terminals including a user identity module (UIM) having personalized user data for controlling the Transmission of signals therefrom, characterized in that the centralized central office network includes means for transmitting data signals to a selected remote mobile terminal to connect the selected remote mobile terminal to the contained UIM and the contained UIM thereby selectively inhibiting operation of the selected remote mobile terminal with any other of the UIMs and operation of the contained UIM with any other of the remote mobile terminals. Mobile communication network according to claim 1, wherein the central Base Switching Network Means for transmitting data signals to a selected one Remote mobile terminal includes to the selected remote terminal to the included UIM thereby binding operation of the selected long distance mobile terminal with any other of the UIMs is prevented. Mobile communication network according to claim 1 or claim 2, wherein the central base switching network means for transmitting from data signals to a selected one Remote Mobile Terminal contains, to bind the contained UIM to the selected remote terminal, thereby causing an operation of the contained UIM with any other the remote mobile terminals is prevented. Mobile communication network according to claim 1, claim 2 or Claim 3, wherein each UIM in each of the remote mobile terminals a Storage means for storing the personalized user data contains. Mobile communication network according to claim 1, wherein each UIM in each of the remote mobile terminals includes means responsive to the data signals responding by the centralized central office network become an operation of the remote mobile terminal with any other UIM to prevent if the transferred Signal data is the same as the personalized user data, which are stored in the UIM of the remote mobile terminal. Mobile communication network according to any preceding one Claim, wherein the remote mobile terminals are cellular telephones. Mobile communication network according to any preceding one Claim, wherein each of the remote mobile terminals is a unique international Mobile Equipment Identity (IMEI) contains. Mobile communication network according to any preceding one Claim, wherein the central base switching network is a mobile switching network contains which includes a mobile switching center (MSC) having at least one base station controller (BSC) and at least one base transceiver system (BTS) for transmission the data signals to the selected remote mobile terminal connected is. The mobile communication network of claim 8, wherein the mobile switching center (MSC) includes Home Location Register (HLR) contains an authentication center (AUC), and wherein the mobile switching center (MSC) with a Equipment Identity Register (EIR), the data regarding the validity and status of the Mobile terminals contains. Method for binding a selected remote mobile terminal a mobile communications network that has at least one central Base switching network and a variety of long-distance mobile terminals comprising the circuits for transmitting and receiving electronic signals, each one the remote mobile terminals a user identity module Contains (UIM), the personalized user data for controlling the transmission contains signals of it characterized by the steps: Step 1: Transfer of data signals from the central office switching network a UIM of a selected one Remote mobile terminals, Step 2: Receive the data signals, which are transmitted by the central base switching network and selective Bind the selected one Remote mobile terminals to the contained UIM and UIM to the selected remote mobile terminal, thereby operating the selected remote mobile terminal with with any other UIMs and a running UIM included any other of the remote mobile terminals is prevented. Method for binding a selected remote mobile terminal of a mobile communications network according to claim 10, wherein the included UIM is bound to a specific remote mobile terminal. A method of binding a selected long distance mobile terminal of a mobile communications network according to claim 10 or claim 11, wherein in step 2 the specific long distance mobile terminal is bound to the contained UIM. A method of binding a selected remote mobile terminal of a mobile communications network according to claim 10 or claim 11, wherein step 2 Comparing the personalized user data in the UIM with the received data signal from the centralized central office network and binding the UIM and preventing operation of the selected remote module if the received data is the same as the personalized data. A method for binding a selected remote mobile terminal of a mobile communication network according to claim 13, further comprising authentication operations included in the UIM are and where step 2 further comparing the results of the authentication procedures. A method for binding a selected remote mobile terminal of a mobile communications network according to any preceding claim, wherein the step 1 the steps of obtaining the International Mobile Equipment Identity (IMEI) of the selected mobile terminal, querying an Equipment Identity Register (EIR) for the status of the International Mobile Equipment Identity to determine if the selected Remote Mobile Terminal is stolen and transmitting a User Identity Module Bind command to the selected Remote Mobile Terminal. A method for binding a selected long distance mobile terminal of a mobile communications network according to claim 10, wherein the step 2 Determining whether a received command transmitted from the centralized central office network is a bind command, verifying the authenticity of the bind command, and executing a mobile terminal-to-user identity module binding. A method of binding a selected long distance mobile terminal of a mobile communications network according to claim 16, wherein the step 2 Sending an acknowledgment from the selected long distance mobile terminal to the central hub network includes that the selected long distance mobile terminal has been bound.